Skip to content

iccToXml emits ISO-8859-1 bytes (0xB0) in XML #395

New issue
New issue
Open
Report
Open
iccToXml emits ISO-8859-1 bytes (0xB0) in XML#395
Report
Labels
BugBug ReportIn ScopeMaintainer indicates In Scope ReportSecuritySecurity RelatedTriagedMaintainer indicates triaged status and ready for developer handoff
@xsscx

Description

@xsscx
xsscx
opened on Dec 31, 2025

Maintainer Repro

Wed Dec 31 09:47:51 PM UTC 2025

tl;dr iccToXml created XML 1.0 document, ISO-8859 text, with CRLF, LF line terminators

grep -n --text "ObserverAngle" ub-icDataBlockType-IccTagBasic_h-L1299.xml | xxd -g1
00000000: 31 35 33 37 3a 4d 45 41 53 55 52 45 4d 45 4e 54  1537:MEASUREMENT
00000010: 5f 53 4f 55 52 43 45 09 22 49 6c 6c 75 6d 69 6e  _SOURCE."Illumin
00000020: 61 74 69 6f 6e 3d 44 35 30 09 4f 62 73 65 72 76  ation=D50.Observ
00000030: 65 72 41 6e 67 6c 65 3d 32 b0 09 57 68 69 74 65  erAngle=2..White
00000040: 42 61 73 65 3d 41 62 73 09 46 69 6c 74 65 72 3d  Base=Abs.Filter=
00000050: 4e 6f 22 0d 0a                                   No"..

Summary

The output from iccToXml contains byte 0xB0 (ISO-8859-1 degree sign) where UTF-8 requires 0xC2 0xB0, making the XML invalid despite declaring encoding="UTF-8".

Step 1. Get PoC

cd Testing
wget https://github.com/xsscx/Commodity-Injection-Signatures/raw/refs/heads/master/graphics/icc/ub-icDataBlockType-IccTagBasic_h-L1299.icc

Step 2. file ub-icDataBlockType-IccTagBasic_h-L1299.icc

Expected Output of file command

ub-icDataBlockType-IccTagBasic_h-L1299.icc: Microsoft color profile 2.4, type APPL, CMYK/Lab-prtr device by LOGO, 2638280 bytes, 16-5-2006 13:56:05 "Xeikon FA Uncoated 320%"

Step 3. iccToXml ub-icDataBlockType-IccTagBasic_h-L1299.icc ub-icDataBlockType-IccTagBasic_h-L1299.xml

Unexpected Output for icc -> xml

IccProfLib/IccTagBasic.h:1299:45: runtime error: load of value 16777216, which is not a valid value for type 'icDataBlockType'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior IccProfLib/IccTagBasic.h:1299:45
IccXML/IccLibXML/IccTagXml.cpp:1730:7: runtime error: load of value 16777216, which is not a valid value for type 'icDataBlockType'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior Testing/tmp/iccDEV/IccXML/IccLibXML/IccTagXml.cpp:1730:7
XML successfully created

Step 4. file ub-icDataBlockType-IccTagBasic_h-L1299.xml

Unexpected Output of file command

ub-icDataBlockType-IccTagBasic_h-L1299.xml: XML 1.0 document, ISO-8859 text, with CRLF, LF line terminators

Create ICC Profile from XML

Step 5. iccFromXml ub-icDataBlockType-IccTagBasic_h-L1299.xml ub-icDataBlockType-IccTagBasic_h-L1299-from-xml.icc

Unexpected Output from iccFromXml

ub-icDataBlockType-IccTagBasic_h-L1299.xml:1537: parser error : Input is not proper UTF-8, indicate encoding !
Bytes: 0xB0 0x09 0x57 0x68
MEASUREMENT_SOURCE      "Illumination=D50       ObserverAngle=2�        WhiteBase=Abs   Filter=No"
                                                               ^
Unable to Parse 'ub-icDataBlockType-IccTagBasic_h-L1299.xml'

Expected Output

  • Proper UTF-8

Output from iccToXml

ub-icDataBlockType-IccTagBasic_h-L129901.xml

Metadata

Metadata

Assignees

No one assigned

    Labels

    BugBug ReportIn ScopeMaintainer indicates In Scope ReportSecuritySecurity RelatedTriagedMaintainer indicates triaged status and ready for developer handoff

    Type

    Report

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions